670 likes | 778 Views
BreezeACCESS Features. Learning Objectives. Upon successful completion of this lesson, you will be able to:. State the purpose of the ESSID and the Operator ESSID. State the different passwords for accessing the BreezeACCESS Monitor session, and the rights that are granted by each.
E N D
Learning Objectives Upon successful completion of this lesson, you will be able to: • State the purpose of the ESSID and the Operator ESSID. • State the different passwords for accessing the BreezeACCESS Monitor session, and the rights that are granted by each. • State the purpose of setting Network Management IP addresses. • State the purpose of, and the reason for setting the Maximum Information Rate (MIR). • State the purpose of, and the reason for setting the Committed Information Rate (CIR). • Define the IEEE 802.1p convention, and how it is implemented in BreezeACCESS radios.
Learning Objectives, cont. Upon successful completion of this lesson, you will be able to: • Define the IEEE 802.1q convention, and how it is implemented in BreezeACCESS radios. • Describe and explain how VLAN is implemented in the Access Units and the Subscriber Units. • State the various levels of VLAN within the BreezeACCESS radios. • Describe how using the Multi-Rate feature and Best AU feature can improve network performance.
BreezeACCESS Features • Although there are many optional features available within the Configuration Menus, we are only going to discuss the most important features that will apply to basic settings, network management settings, service parameters, bridging, or voice settings . • Refer to the BreezeACCESS System Manual for a complete description on all of the features available.
Management • Local Monitor (ASCII Terminal) • TELNET • SNMP • SNMP agents available in all the products • Supported MIBs: • MIB-II (RFC 1213) • Bridge-MIB (RFC 1286) • Ethernet • IEEE 802.11 • Proprietary • Management Applications • SNMPc, HP OpenVIEW, What’s Up Gold • BreezeACCESS Config Utility
Common Settings ESSID, Operator ESSID, IP Parameters, Community Strings, Antenna Diversity, Hopping Sequence
ESSID Parameters • A string of characters used to identify a wireless network. It prevents the merging of two co-located wireless networks. • Used to segment networks. • Added security to wireless networks. • A string of 31 printable ASCII characters, case sensitive. • Default is ESSID1 • It is STRONGLY recommended to change this parameter upon receiving the units.
Operator ESSID Parameters (AU Only) • A secondary ESSID that can be configured in the AU. • Used to enhance flexibility and reduce configuration efforts when adding new SUs. • ESSID and Operator ESSID are included in the AU’s beacon and probe response management frames. • In the event all units are configured with the same ESSID, Operator ESSID is not needed and can be disabled.
IP Parameters • IP Address – Displays the current IP address of the unit and allows entry of a new IP address. • Subnet Mask – Displays the current subnet mask of the unit and allows entry of a new subnet mask. • Default Gateway Address – Displays the current address of the default gateway of the unit and allows entry of a new default gateway address. • DHCP Client – Allows for the radio to be assigned a dynamic IP address from any DHCP server. • This can be accomplished via the WLAN, Ethernet or both WLAN & Ethernet sides.
Passwords • Read-Only Access: (public) • Only the Info Screens option is displayed. Users with this access level cannot access the Unit Control, Basic Configuration, Site Survey, and Advanced Configuration menus. • Installer Access: (user) • Access to only the Info Screens, Unit Control, Basic Configuration, and Site Survey are displayed. • Administrator Access: (private) • Allows access to the full Main Menu, and user authorized access to all menu items.
Hopping Sequence • A predefined series of channels (frequencies) that are used in a specific, pseudo-random order as defined in the sequence. • When more than 1 AU is co-located in the same area, it is recommended to assign different hopping sequences to each AU offset by 3. • When setting up multiple AUs in the same site, always use hopping sequences from the same hopping set to reduce the possibility of collisions on the wireless media. • This parameter is set in the AU, and all of the SUs learn from it during the Association Process. • Default setting is 1.
Access to NMS • Defines the port through which the unit can be managed. Options include: • WLAN Only • Ethernet Only • Both WLAN and Ethernet
Network Management Filtering • When enabled, the unit can only be managed by stations whose IP addresses match one of the entries in the “Set Network Management IP Addresses”. • Disable. • Activate Management IP Filtering on the Ethernet Port. • Activate Management IP Filtering on the WLAN Port. • Activate Management IP Filtering From Both Ethernet & WLAN Ports.
Set Network Management IP Addresses • Displays the IP address of the stations that can manage the unit, and allows for new entries. Up to 3 IP addresses can be defined. • Default value for all 3 IP addresses is: • 000.000.000.000
MIR/CIR Parameters • The Maximum Information Rate (MIR) value, specifies the maximum data rate available for burst transmissions, provided such bandwidth is available. • The Committed Information Rate (CIR) value, specifies the minimum data rate guaranteed to the applicable subscriber.
MIR/CIR Parameters, cont. MIR/CIR Option: • In SW version 4.0 this option controls the operation of the whole cell. Therefore, when enabled, this option is useless in the SU because the AU will override any possible conflicting settings. • The option is available in SUs only for compatibility with previous versions of SW to support operations with the AU. • Default selection is Disabled.
MIR/CIR Parameters, cont. MIR: AU to SU (SU Only) and SU to AU • Sets the MIR rate of the SU. • The MIR value cannot be lower than the corresponding CIR value. • Valid range is 32 to 2200 Kbps • Default is 128 Kbps.
MIR/CIR Parameters, cont. CIR: AU to SU (SU Only) and SU to AU • Sets the CIR of the SU. • The CIR value cannot be higher than the corresponding MIR value. • Valid range is 0 to 2200 Kbps • Default is 64 Kbps.
MIR/CIR Parameters, cont. MIR Option Only: (AU) • Forces the MIR/CIR algorithm to use only the MIR values. • The AU attempts to enable all SUs to transmit/receive information at the specified MIR value. • Graceful degradation algorithm is disabled when this option is enabled.
Broadcast Filtering • Allows defining Layer 2 Ethernet broadcast and multicast filtering. • Enhances the security of the network and saves bandwidth by blocking protocols that are typically used in the customer’s LAN, but not relevant for other customers.
Broadcast Filtering Filter Options: • Disable • From Ethernet Only – Filter broadcasts from Ethernet port. • From WLAN Only – Filter broadcasts from WLAN port. • Both From Ethernet and WLAN – Filter broadcasts from both Ethernet and wireless link.
Other Broadcast Filtering Options • DHCP Broadcast Override Filter • PPPoE Broadcast Override Filter • ARP Broadcast Override Filter Enables broadcasting of DHCP, PPPoE, or ARP messages. This means that regardless of the setting in the previous menu, these broadcasts will still be transmitted.
IEEE 802.1q • An IEEE standard for providing VLAN identification and quality of service (QoS) levels. Four bytes are added to an Ethernet frame, increasing the maximum frame size from 1518 to 1522 bytes. Three bits are used to allow eight priority levels (QoS) and 12 bits are used to identify up to 4094 VLANs.
VLAN Parameters • VLAN support defines the parameters that are related to the VLAN aware features of the units. • Each VLAN includes stations that can only communicate with other stations within the same VLAN. • Provides the ability to set traffic priorities for certain frames. • VLAN information is included into the VLAN Tag header, inserted in each frame between the MAC header and the data.
VLAN ID – Data (SU Only) • Applicable for Access Links Only. • Valid range is 1 to 4094. • Frames received from the Wireless Link Port: • Only tagged frames with VLAN ID value equal to the ID defined in the unit are forwarded to the Ethernet port. • Frames received from the Ethernet port: • A VLAN data tag is inserted in all untagged frames received from the Ethernet port before being sent to the wireless link.
VLAN ID Management (AU, SU) • Applicable for all link types. • Sets the VLAN ID for management frames; this applies to all management applications using protocols such as SNMP, TFTP, ICMP (ping), and Telnet. • Values ranges are 1 to 4094, or 65535 (No VLAN). VID-M = VLAN ID-Management PID-M = VLAN Priority-Management
VLAN Awareness in BreezeACCESS • Access Link (SU only) – Transfers frames while tagging/un-tagging because all devices are VLAN unaware. Thus, the unit cannot transfer tagged frames. • Trunk Link (AU/SU) – Transfers only tagged frames, because all devices connected to it are VLAN aware. • Hybrid Link (AU/SU) – Transfers both tagged and un-tagged frames, since the devices connected to it can either be VLAN aware or VLAN unaware. This is the same as No VLAN.
VLAN Management VLAN Management Tagged Frames Untagged Frames AU SU Un- Tagging Translation 11 to ETH Filtering Translation ETH to 11 TRUNK ACCESS VLAN Link - Access Link (SU Only) Tagged Frames
VLAN Management VLAN Management Tagged Frames Tagged Frames Tagged Frames SU AU Translation 11 to ETH Translation ETH to 11 TRUNK TRUNK VLAN Link – Trunk Link
VLAN Link – Hybrid Link Management Without VLAN Management Without VLAN Untagged or Tagged Frames Untagged or Tagged Frames Untagged or Tagged Frames AU SU Translation ETH to 11 Translation 11 to ETH Hybrid Hybrid
VLAN Forwarding (AU & SU) • Applicable for Trunk Link only. • VLAN Forwarding List - Constructed from the following sub-parameters • VLAN Forwarding Support - Enable or Disable (the default value is Disable). • Add Forwarding VID - Values from 1 till 4094 (correspond to VID value) (20 entries max) • Remove Forwarding VID - Values from 1 till 4094 (correspond to VID value). • Note: The default value of the VLAN Forwarding List is to Filter all.
VLAN Relaying (AU Only) • VLAN Relaying List – constructed from the following sub-parameters • VLAN Relaying Support - Enable or Disable (default value) • Add Relaying VID - Values from 1 till 4094 (correspond to VID value) (20 entries max) • Remove Relaying VID - Values from 1 till 4094 (correspond to VID value). • Note: The default value of the VLAN Relaying List is to Filter all.
VLAN Traffic Priority • VLAN Traffic Priority – Constructed from the following sub-parameters: • VLAN Priority – Data (SU Only): All data frames are routed to the LOW queue. Values are 0-7. • VLAN Priority – Management (AU & SU) All management frames are routed to the HIGH queue. Values from 0-7. • VLAN Priority – Voice (SU with voice): All voice frames are routed to the HIGH queue. Values are 0-7. • VLAN Priority Threshold - Values from 0 till 7 (“4” is the default value).
Security Parameters • Unauthorized wireless connection is prevented by using the Wired Equivalent Privacy (WEP) algorithm defined in the IEEE 802.11 Wireless LAN Standard. • The WEP is based on RSA’s RC4 encryption algorithm. • BreezeACCESS VL employs 128 bit encryption along with AES
Security Parameters • Authentication Algorithm determines the operation mode of the unit. • Open System: An SU configured to Open System can be authenticated only by an AU that is also configured to Open System. The WEP algorithm is not used. • Shared Key: Authentication enabled. The authentication messages are encrypted. An SU configured to use Shared Key can be authenticated only by an AU configured to use Shared Key, provide they both use the same WEP key.
MAC Address Black List (AU Only) • SU units whichtheir MAC address appear in the AU unit’s “Black List”, Data transmission will be blocked (uplink direction only). • The Black List can include up to 100 SU MAC Addresses. • During AU start-up process the Black List is saved in the MACAD database as a special new type of MAC addresses • A unit that belongs to the black list is allowed to associate with the AU to avoid the potential interference caused by a scanning SU unit, however the Uplink of that unit is blocked for data transfer. • It is assumed that applicationswhich are blocked on one direction will stop functioning and will eventually stop their data transmission. • The feature operates in run time.
Security Parameters • Max Associations • Management settable 0 - 512 (512 default) • “Support All” Authentication Mode (AU Only) • When configuring existing networks to use “Shared Key”, it may be needed by the AU to support both SU’s with Open and Shared key active configurations, including SU’s with no or wrong WEP Keys until all SU’s are configured to proper “Shared Key” mode. • This would be used with Black List to bring on a rouge device and block it from transmitting to the network. This prevents it from generating RF while it continues to probe for networks.
RADIUS Billing and Authentication • Remote Authentication Dial-In User (RADIUS) enables operators to manage users in a single database. • Supports authentication (user name and password) as well as user configuration information. • ToS • Qos • A RADIUS client is implemented in each SU and can be used for authentication, accounting, or both.
Multi-Rate • Dynamically switches between transmission rates in order to increase the probability of using the maximum data rate for the current radio link quality at any given moment. • Decreasing the rate increases the sensitivity by 6 – 8 dB. • The decision rate is separate for each unit.
Asymmetrical Multi-Rate • Down-link data rate is independent to the Maximum Data Rate configured in the SU. • AU will transmit data rate at the maximum rate available, regardless of the data rate for the uplink SU. • Uplink is still dependent upon the Maximum Data Rate for the SU.
Multi-Rate Decision Window Size • Sets the size of the decision window. • Increasing the size of the window will increase the probability that it will be a successful window, thus slowing down the decision to degrade to a lower rate and accelerating the decision to upgrade to a higher rate. • Valid range is from 1 to 50. • Default value is 12.
Number of Failures in Multi-Rate Decision Window • Sets the maximum number of failures allowed in a decision window. • Valid range is from 1 to Multi-Rate Decision Window Size. • Default value is 8.
Higher Resolution Best AU Selection Parameters • In order to allow the SU to better select the best received AU, the selection is based on dBm and NOT on a relative mark given to the AU. The resolution is 1 dBm. • The SU scans, for a configured number of cycles, all of the AUs it can communicate with. • Eventually, the SU reaches a decision to join a particular AU based on the highest mark received.
Best AU Selection Parameters, cont. • The quality mark given to each AU depends upon the level at which it is received by the SU. RSSI Scores vs. Level in dBm of Received Signal